<?php
/**
 * MVM_MALL 网上商店系统
 * ============================================================================
 * 版权所有 (C) 2007-2010 www.mvmmall.com，并保留所有权利。
 * 网站地址: http://www.mvmmall.com
 * ----------------------------------------------------------------------------
 * 这是一个免费开源的软件；这意味着您可以在不用于商业目的的前提下对程序代码
 * 进行修改、使用和再发布。
 * ============================================================================
 * 
 * @author :     www.mvmmall.com <admin@mvmmall.com> 
 * @version :    v4.X
---------------------------------------------
 */
if(!defined('MVMMALL')){
    exit('Access Denied');
}
/*插件的代码必须和文件名保持一致 */
$payment['yeepay']['name']    = '易宝支付';

/*描述 */
$payment['yeepay']['desc']    = '易宝支付介绍';

/* 支付费用 */
$payment['yeepay']['pay_fee'] = '1%';

/* 是否支持在线支付 */
$spayment['yeepay']['online']  = 1;

/*否支持货到付款*/
$payment['yeepay']['cod']     = 0;

//申请地址
$payment['yeepay']['reg']     = 'https://www.yeepay.com/selfservice/registPage.action';

/* 版权信息*/
$payment['yeepay']['license']  = '版权所有www.mvmmall.com';

/*接口需要的参数 */
$payment['yeepay']['cfg'] =array(
        array('name' => 'p1_MerId', 'value' => '','label'=>'商户编号'),
        array('name' => 'keyValue', 'value' => '','label'=>'易宝密钥'),
    );

/**
 * 类
 */
class yeepay
{
    var $cfg;
    var $p0_Cmd="Buy";//扣款请求
    var $p4_Cur='CNY';//货币符号
    var $p9_SAF='0'; //送货信息 0：不需要  1:需要
    function yeepay($cfg = array())
    {
        foreach ($cfg AS $key=>$val)
        {
            $this->cfg[$val['name']] = $val['value'];
        }
    }
    /*提交支付请求，sn定单号，$amount支付价格*/
function pay_send($sn,$amount)	
	{
	    $p8_Url = MVMMALL_DIR."/respond.php?code=".basename(__FILE__, '.class.php');
		$sNewString=$this->getReqHmacString($sn,$amount,$p8_Url);	
		$result="
		<form name=\"yeepay\" action='https://www.yeepay.com/app-merchant-proxy/node' method='post' target='_blank'>
        <input type='hidden' name='p0_Cmd'  value='$this->p0_Cmd'>
        <input type='hidden' name='p1_MerId'  value='{$this->cfg[p1_MerId]}'>
        <input type=\"hidden\" name=\"p2_Order\"  value='$sn'>
        <input type='hidden' name='p3_Amt'  value='$amount'>
        <input type='hidden' name='p4_Cur'  value='$this->p4_Cur'>
        <input type='hidden' name='p5_Pid'    value=''>
        <input type='hidden' name='p6_Pcat'   value=''>
        <input type='hidden' name='p7_Pdesc'  value=''>
        <input type='hidden' name='p8_Url'  value='$p8_Url'>
        <input type='hidden' name='p9_SAF'  value='0'>
        <input type='hidden' name='pa_MP'  value=''>
        <input type='hidden' name='pd_FrpId'  value=''>
        <input type='hidden' name='pr_NeedResponse'  value=''>
        <input type='hidden' name='hmac'  value='$sNewString'>
        <input type='image' name='PayBtnUrl' src='images/pay/yeepay.gif'>
        </form>
				";
		$result=trim($result);
		return   $result;
	}
    /**
     * 提交返回处理*
     */
    function pay_receive()
    {
        $sNewString      = $this->getCallBackValue();
        $sn              = trim($_REQUEST['r6_Order']);;  //本系统定单号
        $succeed         = trim($_REQUEST['r1_Code']);   // 获取交易结果,1成功,-1失败
        $svrHmac         = trim($_REQUEST['hmac']);
        $amount          = trim($_REQUEST['r3_Amt']);    // 获取订单金额
	   if (strtoupper($svrHmac)==strtoupper($sNewString)){	
	       if ($succeed == '1'){
	            /*
                #商户网站逻辑处理#
                */
                //比较返回的订单号和金额与数据库中的金额是否相符
                $orderid= strip_tags($sn);
                $list = order_info($orderid);
                if ($list[order_amount]==$amount){
                    /* 改变订单状态*/
                    change_order($orderid);
                    return true;
                }else {
                    //和定单数据库不一致
                    return false;
                }
	       }else {
	           return false;
	       }
	       
	   }else {
	       return false;
	   }  
 }
 
//加密字符串 
function getReqHmacString($orderId,$amount,$p8_Url)
{
  #进行加密串处理，一定按照下列顺序进行
  #取得加密前的字符串
  $productId='';
  $productCAT='';
  $productDESC='';
  $mct_properties='';
  $sbOld = $this->p0_Cmd . $this->cfg[p1_MerId] . $orderId . $amount . $this->p4_Cur . $productId . $productCAT
                             . $productDESC . $p8_Url . $this->p9_SAF . $mct_properties;
  return $this->hmac($this->cfg[keyValue],$sbOld);
} 
##解析返回字符串
function getCallBackValue(){
    $date  = $this->cfg[p1_MerId] . trim($_REQUEST['r0_Cmd']) . trim($_REQUEST['r1_Code']) . trim($_REQUEST['r2_TrxId']) . trim($_REQUEST['r3_Amt']) . trim($_REQUEST['r4_Cur']) . trim($_REQUEST['r5_Pid']) .
                      trim($_REQUEST['r6_Order']) . trim($_REQUEST['r7_Uid']) . trim($_REQUEST['r8_MP']) . trim($_REQUEST['r9_BType']);
        return $this->hmac($this->cfg[keyValue],$date);   
}

    function hmac($key, $data)
    {
        // RFC 2104 HMAC implementation for php.
        // Creates an md5 HMAC.
        // Eliminates the need to install mhash to compute a HMAC
        // Hacked by Lance Rushing(NOTE: Hacked means written)
        //需要配置环境支持iconv，否则中文参数不能正常处理
        $key = iconv("GB2312","UTF-8",$key);
        $data = iconv("GB2312","UTF-8",$data);
        $b = 64; // byte length for md5
        if (strlen($key) > $b) {
            $key = pack("H*",md5($key));
        }
        $key = str_pad($key, $b, chr(0x00));
        $ipad = str_pad('', $b, chr(0x36));
        $opad = str_pad('', $b, chr(0x5c));
        $k_ipad = $key ^ $ipad ;
        $k_opad = $key ^ $opad;
        return md5($k_opad . pack("H*",md5($k_ipad . $data)));
    }
}